As you may already know, when you install a certain app on your Android device the app requires some of your personal information. Some apps might be dangerous while others are harmless. Well, fitting in the dangerous category is one of the most used applications worldwide, namely the Facebook app for Android. Nobody knows why the app is doing this and for whom, but its seems that Facebook for Android is taking people’s phone number right from the moment they firstly open it. What’s worse is that you don’t even have to log in for it to take your number and send it to the Facebook stores where it’s servers where it’s stored.
This security flaw was found by the folks at Symantec (the company that makes the Norton security software) during a routine test, which they do on applications meant for mobile devices for their Mobile Insight application ( a mobile app that is able to detect privacy risks, malicious applications and intrusive behavior.
Symantec went to Facebook with the problem, who said that they did not have any knowledge of the issue. Facebook added that the phone numbers have not been used in any way and have been erased from their database. Furthermore, Symantec adds that there are many other apps that are doing this or even worse, not just Facebook. Although the security company doesn’t provide any specific app names, they say that more details will be offered in the following weeks.
Now returning to Facebook, I’m not going to talk about conspiracy theories, but it’s very weird for an application to take phone numbers even though the users are not even logging in. In other words, even if you are not a Facebook user, and you are just curious about how it looks like, once you download the app your number will be transferred to the Facebook servers. No further actions need to be performed, you just have to open the application once.
If I can recall, this is not Facebook’s first security flaw, which makes you wonder if it’s really worth using an application that doesn’t guarantee your privacy. I’m not saying that Facebook is doing this on purpose, but I’m also not buying the lack of “knowledge about the issue story.”
This serves as a reminder of the fact that people should be very careful when they install software on their devices, and they should always check the app permissions, which can be easily abused by the publisher.